URLhaus Database

You are currently viewing the URLhaus database entry for https://113.45.253.80/02.08.2022.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3515922
URL: https://113.45.253.80/02.08.2022.exe
URL Status:flame Online (spreading malware for 1 year, 1 month, 29 days, 21 hours, 28 minutes)
Host: 113.45.253.80
Date added:2025-04-17 17:07:10 UTC
Threat:Malware download Malware download
Reporter: NDA0E
Abuse complaint sent (?): Yes (2025-04-17 17:08:29 UTC to ipas{at}cnnic[dot]cn)
Tags:censys CobaltStrike link shellcode

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-06-1102.08.2022.exeunknown 9961d83e6e3f72332d4a97504ea41dfd1485a9faf0b8b924e752e73f16d21c0an/a 
2026-05-2502.08.2022.exeunknown 16262c3c5c6324bb765ac6f0963e5022d3f4d38ef69c85e7788faafd33725feen/a 
2026-04-2002.08.2022.exeunknown 4bff92e2a76449433279a0f1ae8fa5248549ac9b63be8e17f97d6624ee466db8n/a 
2026-04-0802.08.2022.exeunknown 8171c7f377f6e129ba678f46bf3f903c5f64ff580d9ad47c0a73a03028d5bc4bn/a 
2026-04-0202.08.2022.exeunknown a3d6674d30fb27e5f8cd57b5156d53a136ec2750caba61990bdffbdb6982c3dbn/a 
2025-05-0102.08.2022.exeunknown fd8ca31107656dc13fd413be0c0046a44ae2cf8dae5c6ef4e8ace5adf328cbf6n/a 
2025-04-2802.08.2022.exeunknown 2369a6fcd300eb2c44c9d6cec2ccb748cb96d9c9477defad3f019355145d6a8en/a 
2025-04-1802.08.2022.exeunknown f693d5d6cc86ac507306ea1c81440dbbbef7ab9dfbc93ec2846bc32b800acb8bn/a 
2025-04-1802.08.2022.exeunknown 1962e7a7014a07928989e91f0e8892827c8f6ebbad5e915eae70f02d3b1710b5n/a 
2025-04-1702.08.2022.exeunknown 8019d95a7b2d8b1476ee47ac0ec03dc0c0ce348d34d8dbec4623a6bda434ea92n/a